package boot.spring.controller;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authz.annotation.Logical;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.apache.shiro.authz.annotation.RequiresRoles;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;

@Controller
@RequestMapping("/testRole")
public class TestRoleController {

    @RequiresRoles(value = {"user","admin"},logical = Logical.AND)
    @RequestMapping("/hasUserAdminRole")
    @ResponseBody
    public Object hasUserRole(){
        return "当前用户:"+ SecurityUtils.getSubject().getPrincipal()+"  同时拥有user,admin角色";
    }

    @RequiresPermissions(value = {"permission1"})
    @RequestMapping(value = "/hasPermission1")
    @ResponseBody
    public Object hasPermission1(){
        return "当前用户:"+ SecurityUtils.getSubject().getPrincipal()+"  拥有permission1权限";
    }

}
